Wind River Linux Secure
embedded software, Linux Development, Commercial Embedded Linux
Commercial Embedded Linux
For the first time, organizations that require medium to high robustness in their embedded software have the option of using the world's most popular operating system in mission-critical deployments.
Wind River achieved these certifications on popular embedded hardware architectures from Intel, Freescale, and Texas Instruments.
Wind River Linux Secure protects your devices, your schedule, and your budget
The product offers the following:
A Trusted Operating System from a Trusted Vendor
Your operating system manages your system resources. If the heart of your product is secure, your customers—and theirs—can put their faith in it even in extreme circumstances. Wind River Linux Secure meets or exceeds common industry definitions of a trusted operating system: Common Criteria certification, mandatory access control, and multilevel security.
A Complete Solution
Based on the industry-leading commercial embedded Linux platform, Wind River Linux Secure builds out from its certified core (kernel, user space packages, BSP, and hardware) to provide an end-to-end embedded Linux development platform. Mature, thoroughly tested tools and technology are complemented with extended global support, professional and certification services, open source leadership, and an unmatched partner ecosystem.
Because Wind River Linux Secure is certified on multiple hardware architectures from several leading semiconductor vendors, it offers a commercial off-the-shelf (COTS)-ready option to companies that choose to develop projects on pre-certified configurations. Custom boards and additional packages can be validated as modifications or extensions of the original certification, not new targets.
What does this mean to you? Faster time-to-market, lower cost, dramatically reduced risk.
Wind River Linux Secure Meets and Exceeds Requirements
The General Purpose Operating System Protection Profile (GP-OSPP) outlines the security requirements that must be met to achieve Common Criteria Evaluation Assurance Level 4 (EAL4) certification.
These requirements fall into four broad categories, each of which provides protection against one known class of security threat:
- Identification and authentication
- Human users, other systems, or anonymous users
- Performed remotely
- User data protection
- Persistent storage: at least one file system with granular discretionary access control
- Communication objects: basic packet filter
- Event recording
- Audit trail protection
- Cryptographic services
- TDES (128), AES (128), RSA (2048), DSA (1024), SHA1, RNG, key generation
- TLSv1, SSHv2, IPsec with IKE
To see how Wind River Linux Secure implements security, mouse over the buttons in the following diagram.
SELinux and Governing Security Policy
- Domain and Type Enforcement
- Multilevel Security (MLS)
- Multi-category Security (MCS)
- Discretionary Access Control (DAC)
- Mandatory Access Control (MAC)
- Role-Based Access Control (RBAC)
- Grsecurity, Trusted Path Execution (TPE), and RBAC
- PaX, Address Space Layout Randomization (ASLR)
- ProPolice, Compile Time Stack Protection
- Buffer Overflow Protection
- chroot Jail Hardening
Identification and Authentication
- Linux Pluggable Authentication Module (LPAM)
- Vlock, Account Expiry
- User Data Services (Secure Backup and Scrubbing)
- FIPS Certified Network Security Services (NSS)
- Wind River Cryptographic Framework (WCF)
- MLS/MCS Labeled Networking
- OpenSSL, GNU TLS
- Kerberos, Racoon
- VLAN, Stunnel
- KeyNote Trust Management
- Linux Audit Framework
Complete Solution: Scalable Certified Solution for All Project Sizes
Beginning with its trusted OS core, Wind River Linux Secure offers organizations all the tools they need to create, certify, and support innovative custom devices.
Wind River provides expertise in certification processes, system design, and platform customization
Whether your organization is new to Linux or experienced with open source, our complete offering of professional and certification services can help you meet your goals and deadlines.
When Secure Connectivity Is a Requirement
Aerospace and Defense
The U.S. Department of Defense urges its suppliers to use open source software for persuasive reasons:
- Penetration across industries
- Huge developer talent pool
- Vast library of APIs, applications, and ISV support
- Lower total cost of ownership
- Suitability for high bandwidth applications
Wind River Linux Secure is the right choice wherever certification evidence is required. It is well-suited for use in military command-and-control ground stations, in software defined radio, in secure handheld devices, and in GPS satellite and combat systems requiring medium to high levels of assured security and robustness.
Wind River Linux Secure is a good choice for user interface/human-machine interface, data visualization, multimedia, and other applications where data must be protected over secured networks, in smart energy gateways and cross-domain guards.
As more medical information and treatment relies on network connectivity, Wind River Linux Secure can provide data security and integrity as well as high availability and reliability to ensure patient privacy and system uptime.
Wind River Linux Secure offers cost and competitive advantages in network filter and edge infrastructure applications by offering a hardened, trusted operating system for increased security and performance assurance.
, embedded software
, Linux Development